Skip to content

v3.18.0

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 23 Jun 22:29
v3.18.0
9de64e9

Changes 06/23/2026 (v3.18.0)

release(v3.18.0): file operation hardening

Commit message

release(v3.18.0): file operation hardening

- security(upload): reject shared-upload filename collisions and require edit authority for replacements
- security(metadata): use collision-resistant folder metadata filenames

Fixed

  • Upload overwrite hardening

    • Public shared-folder and portal uploads are now create-only when the destination filename already exists.
    • Authenticated uploads now require edit authority plus ownership, folder ownership, admin, or bypass ownership before replacing an existing file.
    • Upload collision errors preserve the original file content and return an explicit conflict/permission response.

  • Folder metadata isolation hardening

    • Folder metadata filenames now preserve distinct logical folder paths instead of flattening separators and spaces into the same name.
    • Ownership and read_own checks now resolve metadata from the same isolated path used by uploads, file operations, WebDAV, and background transfer handling.
    • Simple non-colliding folder metadata filenames remain compatible; existing metadata for collision-prone folders is copied into the isolated filename on first access.

v3.18.0

Full Changelog

v3.17.0 → v3.18.0

SHA-256 (zip)

cf024445b2fad4074b63ede97a6282765016a83c3a6d8ca3aeb62441d8b1db5e  FileRise-v3.18.0.zip
Assets 4
Loading